YoVDO

Network Attached Shell - N.A.S.ty Systems that Store Network Accessible Shells

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Network Security Courses Command Injection Courses Directory Traversal Courses Network Attached Storage Courses Authentication Bypass Courses Memory Corruption Courses

Course Description

Overview

Explore the critical security vulnerabilities in network-attached storage (NAS) devices from major manufacturers like Seagate, D-Link, and Netgear in this 52-minute Black Hat conference talk. Delve into the extensive analysis conducted by Independent Security Evaluators (ISE) that uncovered dozens of previously undisclosed vulnerabilities. Learn how these security flaws not only expose stored data but also provide attackers with a vantage point for further network infrastructure exploitation. Examine various attack vectors, including command injection, directory traversal, authentication bypass, memory corruption, and backdoors, that can lead to administrative access. Discover how unauthenticated attackers can compromise and control storage systems with and without user interaction. Gain insights into the widespread use of NAS devices in homes, schools, government agencies, and businesses worldwide, and understand the implications of their security shortcomings. Witness live demonstrations of vulnerability exploitation to achieve root shell access, highlighting the urgent need for improved security measures in network storage and hardware devices.

Syllabus

Network Attached Shell: N.A.S.ty Systems that Store Network Accessible Shells


Taught by

Black Hat

Related Courses

An Introduction to Computer Networks
Stanford University via Independent
Computer Networks
University of Washington via Coursera
Computer Networking
Georgia Institute of Technology via Udacity
Cybersecurity and Its Ten Domains
University System of Georgia via Coursera
Model Building and Validation
AT&T via Udacity